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Amendments to the Claims: 

The following listing of claims will replace all prior versions, and listings, of claims 

in the application: 

1. (Currently Amended) A method for control and maintenance of an operational 
organizational structure, involving cryptographic control and maintenance of entities within 
one or more organizations, the method being automated using a computing device, the 
method comprising: 

associating crypto graphic capabilities with electronic representations of entities within 
an organization structure with cryptographic capabiliti e s ; 

organizing entities within the organizational structure as roles through associating the 
electronic representations of entities with electronic representations of roles; and 

upon any addition, deletion or modification of an entity, a cryptographic capability, or 
any of their associations, maintaining roles within the organizational structure by adding, 
deleting or modifying electronic representations of the entities, cryptographic capabilities;, 
roles, or any of their associations. 

2. (Original) A method as in claim 1, wherein the method involves at least a public 
key infrastructure operation. 

3. (Original) A method as in claim 1 wherein the control and maintenance further 
comprises: 

assigning elements in said organizational structure to roles within said organizational 
structure. 

4. (Original) A method as in claim 1 wherein the control and maintenance further 
comprises: 

assigning elements in said organizational structure to groups within said 
organizational structure. 

5. (Canceled) 
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6. (Original) A method as in claim 3 wherein at least some of said elements are 
already grouped elements. 

7. (Previously Presented) A method as in claim 1 wherein said method involves 
access control technology - 

8. (Previously Presented) A method as in claim 1 wherein said method involves at 
least an access control operation. 

9. (Previously Presented) A method as in claim 1 wherein said method involves at 
least a data-base operation. 

10. (Previously Presented) A method as in claim 1 wherein said method involves at 
least one operation implemented in a hardware device. 

11. (Previously Presented) A method as in claim 1 wherein the operational 
organizational structure represents at least one commercial organization. 

12. (Previously Presented) A method as in claim 1 wherein die operational 
organizational structure represents at least two organizations,, and wherein one of said 
organizations performs at least one function on behalf of another of said organizations. 

13. (Previously Presented) A mediod as in claim 1 wherein the mediod further 
comprises changing software whose authorization is checked. 

14. (Previously Presented) A method as in claim 1 wherein the method further 
comprises changing hardware. 

15. (Previously Presented) A method as in claim 1 wherein the method further 
comprises moving hardware. 

16. (Previously Presented) A system for control and maintenance of an operational 
structure involving at least one cryptographic method, entities within organizations, 
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characteristics of said entities and relationships between said entities, wherein the system 
comprises code executable by a computing device to: 

maintain electronic representations of capabilities of entities; 

maintain electronic representations of functions of entities; 

maintain electronic representations of characteristics of entities; 

maintain electronic representations of relationships of entities; and 

change the maintained electronic representations of said entities said characteristics 
and said relationships upon an addition, deletion, or modification of a characteristic or 
relationship of the entities, 

17. (Previously Presented) A system as in claim 1 6 where at least one of said entities 
is an individual in an organization. 

18. (Previously Presented) A system as in claim 16 where at least one of said entities 
is a group of individuals in an organization. 

19. (Original) A system as in claim 16 where at least one capability is a role in an 
organization. 

20. (Original) A system as in claim 16 where at least one capability is a task in an 
organization. 

21. (Original) A system as in claim 16 where at least one function is an operation by a 
functionary in an organization. 

22. (Original) A system as in claim 16 where at least one function is an operation by a 
group of functionaries in an organization. 

23. (Original) A system as in claim 16 where said entities in an organization are 
represented in a public key infrastructure directory. 

24. (Original) A system as in claim 16 where at least one of said characteristics and 
said relationships is represented in a directory - 
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25. (Previously Presented) A system as in claim 1 6 where at least one of said 
characteristics, at least one of said relationships, or both is represented in a public key 
infrastructure directory. 

26. (Previously Presented) A system as in claim 16 where an operation of said system 
involves updating at least one directory. 

27. (Previously Presented) A system as in claim 16 where an operation of said system 
involves updating at least one public key infrastructure directory. 

28. (Previously Presented) A system as in claim 16 where said code to change said 
maintained elements comprises code to change information processing control structure. 

29. (Previously Presented) A system as in claim 1 6 where said code to change said 
maintained elements comprises code to change cryptographic certification information within 
the public-key infrastructure directories. 

30. (Previously Presented) A system as in claim 16 where said code to change said 
maintained elements comprises code to change databases . 

31. (Previously Presented) A system as in claim 16 where said code to change said 
maintained elements comprises code to change cryptographic certification information within 
the public-key infrastructure directories and further database changes. 

32. (Original) A system as in claim 1 6 where said entities, said characteristics and 
said relationships are maintained by combining databases components and components of 
certification authorities of a public key infrastructure. 

33. (Original) A system as in claim 16 where said entities are represented in one 
directory and said characteristics and said relationships are represented in a second directory. 
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34. (Previously Presented) A system as in claim 16 where said entities are 
represented in at least a first directory and said characteristics and said relationships are 
represented in at least a second directory. 

35. (Original) A system as in claim 16 comprising observers, where said entities said 
characteristics and said relationships are partially visible to various observers. 

36. (Previously Presented) A system as in claim 16 where an operation of said system 
comprises cryptographic key management operations. 

37. (Previously Presented) A system as in claim 1 6 where an operation of said system 
is activated by at least one designated entity amongst said entities. 

38. (Previously Presented) A system as in claim 16 where an operation of said system 
is activated based on agreed upon rules. 

39. (Previously Presented) A system as in claim 16 where an operation of said system 
is activated based on authorizations. 

40. (Previously Presented) A system as in claim 1 6 where an operation of said system 
comprises database maintenance operations involving said entities said characteristics and 
said relationships. 

41. (Original) A system as in claim 16 where said characteristics and said 
relationships define authorization rules. 

42. (Original) A system as in claim 16 where said characteristics and said 
relationships define authorization rules based on access structure. 

43. (Original) A system as in claim 16 where said characteristics and said 
relationships define authorization rules based on cryptographic capability. 
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44. (Original) A system as in claim 16 where said characteristics and said 
relationships define authorization rales based on shared cryptographic capability. 

45. (Original) A system as in claim 16 with The additional operations of logging said 
system's operations. 

46. (Original) A system as in claim 16 with the additional operations of logging said 
system's operations, where said logging is performed in various locations in said system. 

47. (Original) A system as in claim 16 with the additional operations of monitoring 
operations within said system. 

48. (Original) A system as in claim 16 with the additional operations of time-stamping 
Operations within said system. 

49. (Original) A system as in claim 16 where at least one of said system's operations 
is performed distributedly via communication. 

50. (Original) A system as in claim 16 where at least one of said system's operations 
is a distributed database operation, 

51. (Original) A system as in claim 16 where at least one of said system's operations 
involves physical handling of devices to one of said entities, 

52. (Currently Amended) A database system embodied in a tangible medium 
representing an organization involving directories representing entities, their characteristics, 
roles, and relationships together with their associations with cryptographic capabilities, the 
database system comprising the following transactional components: 

connection to cryptographic authorities representing the cryptographic capabilities 
associated with said entities, said characteristics and said relationships; 

a maintenance system embodied in a tangible medium by which said database and 
said cryptographic authorities are maintained in coordination and by authorized parties 
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assuring the representation of said organization and said cryptographic capabilities are 
soundly associated as defined by tke-coordination directives; and 

maintenance transactions acting within said maintenance system, maintaining a view 
representing an organization. 

53. (Original) A system as in claim 52 wherein said organization comprises a plurality 
of entities. 

54. (Original) A sysStem as in claim 52 wherein said cryptographic authorities is a 
plurality of at least one certification authorities, 

56. (Original) A system as in claim 52 wherein said cryptographic authorities is a 
plurality of authorities organized hierarchically. 

57. (Original) A system as in claim 52 wherein said authorized parties are maintained 
by another instantiation of the system. 

58. (Previously Presented) A system as in claim 52 wherein said authorized parties are 
assigned by management of said organization. 

59. (Previously Presented) A system as in claim 52 wherein said coordinating 
directives involve cryptographic fields assuring integrity of the operation. 

60. (Original) A system as in claim 52 wherein said maintaining view representing an 
organization may present different characteristics and components to different outside 
reviewers. 

61 . (Original) A system as in claim 52 wherein said cryptographic capabilities involve 
digital certificates. 

62. (Previously Presented) A system as in claim 52 wherein said organization 
comprises various organizational units. 
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63. (Previously Presented) A system as in claim 52 wherein said organization 
comprises various organizational units where entities are defined in one unit and their roles 
are defined within a second unit, 

64. (New) A method as in claim 1 where a plurality of entities are electronically 
visible to one part of the organization, a first set of outside viewers, or both, and roles or 
characteristics thereof are electronically visible to another part of the organization, a second 
set of outside viewers, or both. 

65. (New) A method as in claim 1 where maintaining of roles within the 
organizational structure is protected and can be performed only by an authorized party inside 
or outside the organization, 

66. (New) A system as in claim 16 where a plurality of entities are electronically 
visible to one part of the organization, a first set of outside viewers, or both, and roles or 
characteristics thereof are electronically visible to another pan of the organization, a second 
set of outside viewers, or both. 

67. (New) A system a$ in claim 16 where change to the maintained electronic 
representations of said entities said characteristics or said relationships is protected and can 
be performed only by an authorized party inside or outside the organization. 
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